CVE-2024-41992

{"id": "CVE-2024-41992", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-11-11T01:15:04.813", "references": [{"url": "https://ssd-disclosure.com/ssd-advisory-arcadyan-fmimg51ax000j-wifi-alliance-rce/", "source": "[email protected]"}, {"url": "https://www.kb.cert.org/vuls/id/123336", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0 allows OS command injection via 802.11x frames because the system() library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a LAN interface. On other devices, this may be exploitable over a WAN interface."}, {"lang": "es", "value": "La versi\u00f3n wfa_dut de Wi-Fi Alliance (en Wi-Fi Test Suite) hasta la versi\u00f3n 9.0.0 permite la inyecci\u00f3n de comandos del sistema operativo a trav\u00e9s de tramas 802.11x porque se utiliza la funci\u00f3n de librer\u00eda system(). Por ejemplo, en los dispositivos Arcadyan FMIMG51AX000J, esto lleva a la ejecuci\u00f3n remota del c\u00f3digo wfaTGSendPing como root a trav\u00e9s del tr\u00e1fico al puerto TCP 8000 o 8080 en una interfaz LAN. En otros dispositivos, esto puede ser explotable a trav\u00e9s de una interfaz WAN."}], "lastModified": "2024-11-21T09:33:23.303", "sourceIdentifier": "[email protected]"}